Encrypting Healthcare Information
Encrypting information is a good way to protect it from cyber criminals, but most sensitive information goes unencrypted, says HPE Distinguished Technologist Luther Martin. It’s no secret that data breaches of unencrypted sensitive information has become an epidemic in the healthcare industry. Just peruse this Modern Healthcare Magazine data breach page, which keeps a running tab of healthcare breaches.
In 2012, within the United States alone, there was between $100 and $200 billion worth of healthcare fraud, continues Martin. The demand for healthcare information is so great that the street price of stolen medial records has reached approximately 10 times more than that of stolen credit card numbers. Despite the huge amounts of healthcare fraud, Martin believes there are reasons why protecting sensitive data has not been implemented in the healthcare industry.
The main reason, he surmises, is that the healthcare industry’s main focus is on healthcare technologies, not security technologies. Large investments in protecting sensitive data could put patient lives on the backburner. When faced with the decision to purchase a new MRI machine or software that encrypts email, healthcare organizations opt for the decision that directly improves patients’ lives. Many healthcare organizations are reluctant to invest in protection of sensitive information for this reason, says Martin.
Good news in on the horizon. While the healthcare industry has been slow to adopt encryption technologies, they can now learn from the experiences of others, Martin points out. Organizations directly involved with processing credit or debit card data have spent ten years learning how to protect the sensitive payment information of their consumers. The Payment Card Industry Data Security Standard have revised and implemented documents that reflect the lessons learned. Healthcare organizations can follow suit.
You can find out more about encrypting healthcare information in Luther Martin’s blog, “Learning how to encrypt healthcare information.”
To learn more about how hackers are progressing into organized businesses beyond healthcare, read the Business of Hacking report.